dd4b77ff53
A regular user can reset an admin-only attribute to its default
value due to the fact that a corresponding policy rule is
enforced only in the case when an attribute is present in the
target AND has a non-default value.
Added a new attribute "attributes_to_update" which contains a list
of all to-be updated attributes to the body of the target that is
passed to policy.enforce.
Changed a check for whether an attribute is explicitly set.
Now, in the case of update, the function should not pay attention
to a default value of an attribute, but check whether it was
explicitly marked as being updated.
Added unit-tests.
Conflicts:
neutron/common/constants.py
Closes-Bug: #1357379
Related-Bug: #1338880
Change-Id: I6537bb1da5ef0d6899bc71e4e949f2c760c103c2
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| __init__.py | ||
| config.py | ||
| constants.py | ||
| exceptions.py | ||
| ipv6_utils.py | ||
| legacy.py | ||
| log.py | ||
| rpc.py | ||
| test_lib.py | ||
| topics.py | ||
| utils.py | ||